class AuthD::Request
	IPC::JSON.message ValidateUser, 2 do
		property user           : UserID
		property activation_key : String

		def initialize(@user, @activation_key)
		end

		def to_s(io : IO)
			super io
			io << " (user: #{@user}, activation_key: #{@activation_key})"
		end

		def handle(authd : AuthD::Service, fd : Int32)
			user = authd.user? @user
			# This is a way for an attacker to know what are the valid logins.
			# Not sure I care enough to fix this.
			return Response::ErrorUserNotFound.new if user.nil?

			if user.contact.activation_key.nil?
				return Response::ErrorUserAlreadyValidated.new
			end

			# Remove the user contact activation key: the email is validated.
			if user.contact.activation_key != @activation_key
				return Response::ErrorInvalidActivationKey.new
			end

			cloned_user = user.clone

			cloned_user.contact.activation_key = nil
			cloned_user.contact.email = cloned_user.contact.pending_email
			cloned_user.contact.pending_email = nil

			authd.users_per_uid.update cloned_user

			Response::UserValidated.new user.to_public
		end
	end
	AuthD.requests << ValidateUser

	IPC::JSON.message GetUser, 5 do
		property user : UserID

		def initialize(@user)
		end

		def to_s(io : IO)
			super io
			io << " (user: #{@user})"
		end

		def handle(authd : AuthD::Service, fd : Int32)
			logged_user = authd.get_logged_user? fd
			return Response::ErrorMustBeAuthenticated.new if logged_user.nil?

			user = authd.user? @user
			# This is a way for an attacker to know what are the valid logins.
			# Not sure I care enough to fix this.
			return Response::ErrorUserNotFound.new if user.nil?

			Response::User.new user.to_public
		end
	end
	AuthD.requests << GetUser
end
